tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 55599] 403 error on Manager when using NonLoginAuthenticator disableProxyCaching="false" on conetxt.xml
Date Thu, 26 Sep 2013 17:54:48 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=55599

--- Comment #2 from Matafagafo <matafagafo@yahoo.com> ---
(In reply to Mark Thomas from comment #1)
> Given that the manager requires users to be authenticated, a 403 response
> seems entirely reasonable.
> 
> It isn't clear what you aretrying to achieve by configuring the
> NonLoginAuthenticator, nor where you doing this (context.xml is not specific
> enough). Either way, the users list is the place to go to seek further help.

Let me explain.
My application needs to be accessed thru SSL, so I configured a "Protected
Context" for it in Tomcat web.xml file, as You can se bellow

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Context</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <!-- auth-constraint goes here if you requre authentication -->
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

It worked, but as a side effect Tomcat started to set "Cache-Control" HTTP
header in responses as "private". With this my application stop to use browsers
local cache.

To solve this I configured NonLoginAuthenticator disableProxyCaching="false" in
Tomcat context.xml and the "Cache-Control: private" problem is solved.
But with this config I can't access Tomcat Manager anymore !

Because of this I filed this bug, it appears to me that should be a way to
access the Manager in this situations.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message